What U.S. Intelligence Knew About the Underpants Bomber

If you've been wondering how alleged failed transatlantic underpants bomber Umar Farouk Abdulmutallab was able to board a plane for the U.S. after his father had warned of his terrorist sympathies, you need to understand the different databases of suspected terrorists and how they operate. The only entry in the U.S. intelligence community's principal electronic database of suspected terrorists mentioning Abdulmutallab was based on a visit by the suspect's father to the U.S. Embassy in Abuja, Nigeria, according to two U.S. national security officials. Here is a chronology of what happened:

Abdulmutallab's father, wealthy Nigerian banker Dr. Alhaji Umaru Mutallab, spoke in person with officials at the embassy in the Nigerian capital on Nov. 19, said the officials, who asked for anonymity when discussing an ongoing investigation. During this meeting the senior Mutallab informed embassy officials that he was worried that his son had become involved with Islamic extremists; he specifically expressed concern that his son had either visited, or otherwise been in contact with, militants based in Yemen. Following the meeting, the officials said, the father's information was circulated within the embassy, including to representatives from U.S. intelligence agencies stationed there. The next day, Nov. 20, the embassy sent a cable to Washington, reporting what Alhaji Mutallab had said.

Within days of the cable reaching Washington, the information from it was entered in TIDE, a master list of around 550,000 terrorism suspects maintained by the National Counter Terrorism Center, the national security officials told Newsweek. This office, a unit of the Office of the Director of National Intelligence, was set up after the 9/11 attacks to ensure that information on terrorist suspects was rapidly shared among all relevant U.S. intelligence and law-enforcement agencies. (A detailed fact sheet on TIDE's origins and operations is posted on the Intelligence czar's Web site here) The TIDE database is the government's most comprehensive compilation of intelligence on known terrorism suspects. But, according to officials, it's also often very raw information which lacks the kind of legal substance that U.S. officials believe is required before such intelligence is used to restrict an individual's travel, for example by putting them on a "no-fly list" or special screening list maintained by the Terrorist Screening Center, a separate interagency unit run by the FBI.

According to testimony given to Sen. Joe Lieberman's Senate Homeland Security Committee earlier this month by the Terrorist Screening Center's director, Timothy Healy, names are only added to watch lists maintained by his agency to screen air-transport passengers (either for no-fly or for extra screening purposes) when two criteria are met. One criterion is that there be sufficient information to clearly establish that a person wishing to travel is the same person who is listed in the Center's database. Second, in order for any travel ban or extra screening requirement to be imposed on a suspect whose name is entered into the system, Healy said, the government must have "reasonable suspicion" that the person in question has been, or is about to be, involved in terrorism. As Healy put it: "Reasonable suspicion requires 'articulable' facts which, taken together with rational inferences, reasonably warrant a determination that an individual is known or suspected to be or has been engaged in conduct constituting, in preparation for, in aid of, or related to, terrorism and terrorist activities, and is based on the totality of the circumstances. Mere guesses or inarticulate 'hunches' are not enough to constitute reasonable suspicion."

In the case of Umar Abdulmutallab, national security officials said, the information from the embassy about his father's concerns, while considered important enough to enter in TIDE, the raw intelligence database maintained by NCTC, was regarded as insufficient to cause the Terrorist Screening Center to enter Abdulmutallab in its master database, known as the "Consolidated Terrorist Watch List," a national security official said. That list contains the names of around 400,000 individuals against whom U.S. agencies have already collected enough information to constitute "reasonable suspicion" of terrorism. Because Abdulmutallab's name was not entered into the consolidated watch list, the official added, it also was not included on two more limited subsets of the master list—a list of "selectees" who are supposed receive extra screening if they try to travel by air (this list includes about 13,000 names) and the Screening Center's even more limited "no-fly list," which contains just under 4,000 names.

"You get a lot of info every day," said one official close to the process. "Some of it is bad. Someone cannot just go into the data base and then go onto a 'no fly list'." For example, the official said, the TIDE data base contains the names of Irish Republican Army partisans who were involved in militant and possible violent activity in the past, but who are not regarded as any kind of threat to transportation today.

Although intelligence officials did not regard the report from Abdulmutallab's father as sufficiently weighty or detailed to move his name from TIDE onto a database that could have restricted or banned him from air travel, one national security official said that because the father had called attention to his son's possible involvement in Yemen, one or more U.S. intelligence agencies did begin some kind of effort to further investigate the son's Yemeni connections. At this point, it is unclear how far such inquiries progressed before the younger Abdulmutallab boarded Delta/KLM flight 253 on Christmas Day, except that no information was reported around U.S. intelligence agencies which reached the "reasonable suspicion" threshhold that could have led to more screening or a "no-fly" order affecting his travel plans.

Once it reached Washington, the embassy cable about Umar Abdulmutallab was also entered into Visa Viper, a State Department database used to track foreigners who apply for U.S. visas, a national security official said. Abdulmutallab had been granted his most recent multi-entry U.S. visa in June 2008, which was not due to expire until June of 2010. The VIPER entry based on Alhaji Mutallab's warning to the embassy included a notice that if or when Umar applied for an extension or renewal of his existing U.S. visa, then the case should be thoroughly examined in light of the father's concerns about the son, said the official. But this did not constitute an explicit instruction either that his current visa should be revoked or that any application for a fresh or extended visa should be denied. It is not clear whether the people who operated the TIDE database were aware that Abdulmutallab had a valid U.S. visa at the time the report on him from Abuja reached U.S. intelligence.

Administration officials, including Homeland Security Secretary Janet Napolitano, have begun to acknowledge that the fact that Abdulmutallab was apparently able to get an explosive device aboard Flight 253 indicates possible gaps in U.S. security and that improvements may have to be made. P. J. Crowley, the State Department's official spokesman, said his department and the embassy in Abuja performed as they were supposed to. "The father met with embassy officials on Nov. 19 and we sent out an alert on the information he provided one day later," Crowley told Newsweek.